What Is PCI Compliance? What You Need To Know
Businesses that take payment card details from customers over the phone are required to comply with the PCI DSS guidelines. These guidelines are otherwise known as The Payment Card Industry Data Security Standards and have been compiled to make sure that companies that receive such data keep it secure. Here, we’re taking a closer look at what you need to know about PCI compliance.
What Is PCI SSC & Why Was It Launched?
The Payment Card Industry Data Security Standards Council (PCI SSC) was launched in September 2006 in order to effectively manage the evolution of the Payment Card Industry Data Security Standards (PCI DSS). The PCI SSC particularly focuses on improving the security of payments throughout the process of a transaction, to make sure that customers’ bank card details remain confidential. With these standards, consumers can be confident that their bank details remain private and that their accounts cannot be hijacked by hackers or intercepted by malware.
The 12 Requirements Of The PCI DSS
As aforementioned, any business that stores, processes or transmits cardholder data must comply with the Payment Card Industry Data Security Standard. The 12 requirements of the PCI DSS are:
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Protect all systems against malware and regularly update antivirus software or programs
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need to know
- Identify and authenticate access to system components
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security for all personnel
It is important to note that while the PCI SSC set the security standards, each payment card hosts its own compliance program. This includes Visa, MasterCard, American Express, JCB and Discover. You can find out more information about each of these programs, by visiting the relevant brand’s website.
The Benefits Of PCI Compliance
Even though ensuring that your business complies with the 12 PCI Security Standards can seem daunting, there are several benefits of compliance. With PCI compliance, you can be confident that your systems are secure and, in the event of a security breach, protected from data theft. In turn, this helps to build trust among your customer base, as they will be unable to fault the services that you provide.
Here at TransWorldCom, we provide organisations across all industries with a fully PCI DSS compliant way to take payment card details, without the need to make any changes to existing systems. For more information about the Payment Card Industry Data Security Standard or the Payment Card Industry Security Standards Council, get in touch with a member of our expert team on 0800 248 900 or alternatively, fill out our quick and easy contact form and we will get back to you as soon as possible.
UK HEAD OFFICE:
32-34 Station Close
USA SUPPORT OFFICES:
MIDDLE EAST SUPPORT OFFICE:
ASIA SUPPORT OFFICE:
Hong Kong, China